*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
`msgpack_object_print_buffer` didn't check the return value of `snprintf`, it will cause buffer overflow happened when printing an array (or a map) that contained multiple objects. The official is fixed the problem in 3.2.1 version. https://github.com/msgpack/msgpack-c/issues/774 ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: libmsgpackc2 2.1.5-1 ProcVersionSignature: Ubuntu 4.15.0-55.60-generic 4.15.18 Uname: Linux 4.15.0-55-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.7 Architecture: amd64 Date: Thu Jan 30 18:54:19 2020 Dependencies: gcc-8-base 8.3.0-6ubuntu1~18.04.1 libc6 2.27-3ubuntu1 libgcc1 1:8.3.0-6ubuntu1~18.04.1 InstallationDate: Installed on 2018-01-11 (749 days ago) InstallationMedia: Ubuntu-Server 16.04.3 LTS "Xenial Xerus" - Release amd64 (20170801) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: msgpack-c UpgradeStatus: Upgraded to bionic on 2019-06-05 (239 days ago) ** Affects: msgpack-c (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic -- buffer overflow in msgpack_object_print_buffer https://bugs.launchpad.net/bugs/1861448 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs